CVE-2023-2623
- Reference to the description:
- Description:
- The KiviCare WordPress plugin before 3.2.1 does not restrict the information returned in a response and returns all user data, allowing low privilege users such as subscriber to retrieve sensitive information such as the user email and hashed password of other users
- Last updated date:
- 06/30/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/30/2023
- Reference url to background
https://wpscan.com/vulnerability/85cc39b1-416f-4d23-84c1-fdcbffb0dda0